authentication and authorization in subfolders

Discussion in 'ASP .Net Security' started by dotosu, Jul 17, 2003.

  1. dotosu

    dotosu Guest

    Hello,
    I went through several posts and found out that it is only possible to
    have the authentication tag only at an app level but the authorization
    tags can be present at the subfolder level after specifying the
    location tag in the web.config file in the subfolder.

    My question is:
    I want to have a forms authentication on the app level and allow only
    about 5 windows users at the subfolder level. Is is possible to do
    this using only the authorization tag? What kind of authentication
    should I use at the app level?

    I would appreciate any help.

    Thanks,
    dotosu
     
    dotosu, Jul 17, 2003
    #1
    1. Advertising

  2. dotosu

    Teemu Keiski Guest

    See this article:
    http://www.dotnetbips.com/displayarticle.aspx?id=201

    about mixing Forms Authentication and Windows Authentication. Perhaps you
    could run the system with Forms Auth-based, but check the Windows Identity
    for those pages where you'd need to check those 5 Windows Identities. I
    believe <authorization> won't help with that one, though (unless you have
    some mapping between forms auth and Windows auth, say if user exists as
    Windows user you could set session variable etc to indicate that user is
    allowed for WinAuth pages or something similar)

    --
    Teemu Keiski
    MCP, Designer/Developer
    Mansoft tietotekniikka Oy
    http://www.mansoft.fi

    AspInsiders Member, www.aspinsiders.com
    ASP.NET Forums Moderator, www.asp.net
    AspAlliance Columnist, www.aspalliance.com


    "dotosu" <> wrote in message
    news:...
    > Hello,
    > I went through several posts and found out that it is only possible to
    > have the authentication tag only at an app level but the authorization
    > tags can be present at the subfolder level after specifying the
    > location tag in the web.config file in the subfolder.
    >
    > My question is:
    > I want to have a forms authentication on the app level and allow only
    > about 5 windows users at the subfolder level. Is is possible to do
    > this using only the authorization tag? What kind of authentication
    > should I use at the app level?
    >
    > I would appreciate any help.
    >
    > Thanks,
    > dotosu
     
    Teemu Keiski, Jul 17, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Maziar Aflatoun

    Form authentication for subfolders only

    Maziar Aflatoun, Jul 2, 2004, in forum: ASP .Net
    Replies:
    4
    Views:
    4,928
    John Saunders
    Jul 2, 2004
  2. Guest
    Replies:
    4
    Views:
    924
    Eliyahu Goldin
    Jan 4, 2005
  3. Tatyana
    Replies:
    3
    Views:
    4,518
  4. JTR

    Forms Authentication w/SubFolders

    JTR, Jul 29, 2003, in forum: ASP .Net Security
    Replies:
    7
    Views:
    199
    Joel Finkel
    Aug 20, 2003
  5. SeanRW
    Replies:
    1
    Views:
    424
    Dominick Baier [DevelopMentor]
    May 25, 2006
Loading...

Share This Page